While today’s modern vehicles promise an increased level of connectivity to improve user experience and safety, cybercriminals could still abuse these improvements to wreak havoc on the road and steal personal data from users, thus making dynamic security for connected cars paramount.
With technologies and systems such as 5G, the cloud, and fleet management, today’s contemporary vehicles give users a more connected experience, creating a sense that they have everything conveniently within their reach even while in transit. Naturally, these developments have also widened the attack surface for connected cars, making it necessary to examine both the benefits and security risks that vehicle interconnectivity brings.
5G and increased vehicle connectivity
The rollout of 5G or fifth generation cellular networks has dramatically advanced tech-based industries, the automotive industry included. With speed that’s a hundred times faster than its predecessor, 5G enables vehicle connectivity to networks, devices, and other vehicles through cellular vehicle to everything (C-V2X). C-V2X is intended to thoroughly make a 5G car part of the environment around it, making it capable of reacting to events.
C-V2X connects vehicles to their environment in three ways:
- Vehicle to Network (V2N). With V2N, connected vehicles can receive information about traffic conditions, weather forecasts, and other public safety events. Other benefits include more reliable connectivity, anti-theft measures, and fleet management.
- Vehicle to Device (V2D). V2D allows vehicles to detect the location of pedestrians carrying mobile devices, thereby preventing vehicle-pedestrian collisions. Fleet managers can also use V2D to gather information from inside a car for analytics.
- Vehicle to Vehicle (V2V). V2V allows vehicles to communicate with each other by exchanging certificates directly through public key infrastructure (PKI). This helps prevent collisions as vehicles navigate intersections. This is also useful in regular driving activities, such as changing lanes or looking for nearby parking space.
However, while increased connectivity offers unique advantages that could help with more efficient driving and public safety, C-V2X is accompanied by other developments in contemporary vehicles that expose them to both well-known and relatively new kinds of attacks.
ECUs and the cloud
The cloud has redefined the way we store, share, and exchange information. In the automotive industry, the possibility of moving some of the electronic control units (ECU) to the cloud can offer some advantages, such as:
- Simplified E/E architecture
- Massively expanded processing capabilities
- Enhanced road situational awareness
- Improved fuel, battery, emissions, and operational efficiency
- Distributed cloud servers plus full-coverage, low-latency network, making attack surfaces more resistant to malicious attacks
However, having a cloud-based car E/E architecture also poses the following immediate threats to OEMs, suppliers, and drivers:
- Denial of service (DoS)
- Man-in-the-middle (MitM) attack
- Hijacking of services
- Latency issues
- Misconfiguration issues
- Cloud supply chain issues
Fleet management systems
Fleet management pertains to collectively monitoring and managing a large fleet of vehicles. An effective fleet management can reduce costs, improve vehicle safety, and collect data for analysis. With connected cars, fleet management has become less complicated but also more vulnerable to abuse. Here are some threats that operators and enterprises should watch out for:
- Underground taxicab fraud. Hackers can use simulators (sold in underground forums) that fake vehicle activity. When used in connected taxis, these simulators can generate false data on driving and pickup history to increase profits.
- DDoS and MitM attacks. A distributed denial-of-service (DDoS) or MitM attack on a single vehicle alone can already cause inconvenience and spell out danger for users and pedestrians, making such attacks on an entire fleet of connected cars a menace for public safety (for example, by causing accelerated speeds and creating traffic jams).
Traditional IT attacks on connected cars
Researchers from Trend Micro used four case studies on remote car hacking (Jeep Hack 2015, Tesla Hack 2016 and 2017, and BMW Hack 2018) to find any similarities or patterns. They determined two general observations:
- Hackers use either a mobile network or a Wi-Fi network as their initial attack vector, and all four remote hacking incidents involved MitM attacks that used these networks.
- All modern cars have an infotainment hub, which also serves as their head unit. Hackers prefer to target this since all new head units have the capability to talk to a vehicle’s gateway ECU, making them an ideal entry point into a vehicle’s bus network.
While connected car technologies offer quality services to improve the lives of users, developments in interconnectivity create more lucrative opportunities for cybercriminals to take advantage of. Aside from posing physical dangers to users, cyberattacks could also mean the loss of personally identifiable information (PII) and network and processor resources inside a vehicle. Trend Micro’s research paper titled “Cybersecurity for Connected Cars: Exploring Risks in 5G, Cloud, and Other Connected Technologies” expands on these risks and recommends proactive defenses that car manufacturers and security analysts should consider as the future of modern vehicles continues to unfold.
Read more about cybersecurity risks in connected cars and learn the best security practices in our resource center.